Browse by type
Welcome to the Coinbase Open Source MPC Library. This repository provides the essential cryptographic protocols that can be utilized to secure asset keys in a decentralized manner using MPC (secure multiparty computation / threshold signing) for blockchain networks.
This cryptographic library is based on the MPC library used at Coinbase to protect cryptoassets, with modifications to make it suitable for public use. The library is designed as a general-purpose cryptographic library for securing cryptoasset keys, allowing developers to build their own applications. Coinbase has invested significantly in building a secure MPC library, and it is our hope that this library will help those interested in deploying MPC to do so easily and securely.
cb-mpc is a native cryptographic library for MPC protocols. It gives application developers the building blocks needed to generate and refresh keyshares, derive supported keys, produce MPC signatures, and support key-backup workflows via publicly verifiable encryption (PVE).
cb-mpc does:
cb-mpc does not:
If you build on the lower-level full API (including internal and low-level functionality), more validation and protocol-composition responsibility shifts to the integrating application. See High-level Public API vs the Full API and Supported Runtime and Deployment Environments for more detail.
The code in this open source library is derived from the code used at Coinbase, with significant changes in order to make it a general-purpose library. In particular, Coinbase applies these protocols with very specific flows as needed in our relevant applications, whereas this code is designed to enable general-purpose use and therefore supports arbitrary flows. In some cases, this generality impacts efficiency, in order to ensure safe default usage.
In addition to releasing the source code for our library, we have published the underlying theoretical work along with detailed specifications. This is a crucial step because merely implementing a theoretical paper can overlook significant errors. At Coinbase, we adhere to the following development process:
The theory documents and specifications are a considerable contribution within themselves, as a resource for cryptographers and practitioners.
Although this library is designed for general use, we have included examples showcasing common applications:
The library comes with various tests and checks to increase the confidence in the code including:
make dudectmake testmake benchmake lintThe cb-mpc library contains two levels of APIs, a public one that contains the API for calling high-level MPC protocols like DKG, threshold signing and publicly-verifiable encryption for backup. These APIs are simple to use, and are recommended for those wishing to use the cb-mpc protocols as is. The second level contains the full cb-mpc API and includes all mid and low-level functions as well. These APIs are intended for users wishing to modify protocols or implement other protocols using the cb-mpc infrastructure. We stress that all functions in the public API are safe, including validation of all externally received inputs. In contrast, not all lower-level APIs include all such validations. For example, an elliptic curve point received from another party in a protocol needs to be validated once and not every time it is used. In addition, some zero-knowledge proofs may depend on other zero-knowledge proofs already being validated. This is taken care of in the public API, but the user is responsible for ensuring all of this when using the lower-level full API. Note that the Coinbase HackerOne bug bounty requires finding a bug in the public API for it to be consider Medium or above. See BUG_BOUNTY.md for details.
docs: the pdf files that define the detailed cryptographic specification and theoretical documentation (you need to enable git-lfs to get them)include: public headers (installed in both public and full install modes)include/cbmpc/api/ (coinbase::api)include/cbmpc/c_api/ (cbmpc_*)include-internal: internal headers (installed only in full mode), included as <cbmpc/internal/...>src: C++ implementation sourcesdemo-cpp: a collection of examples of common use cases in c++scripts: a collection of scripts used by the Makefiletools/benchmark: a collection of benchmarks for the librarytests/{dudect,integration,unit}: a collection of tests for the libraryThis repository provides a native C++ cryptographic library. It is intended to be embedded into backend services, native applications, and other environments where the calling application can control process isolation, network transport, and secret storage.
The environments that we support are:
x86_64 and Apple Silicon) and LinuxBoth native macOS development and the provided Linux Docker environment are intended to be ways to build and test the library. GitHub workflows currently run on Linux using the Docker image.
This library is not a hosted service and does not provide a production networking stack, deployment framework, key-management system, or transport security layer. In production deployments, the integrating application is responsible for:
The library is intended for native environments where the integrating application can enforce those controls. In an MPC deployment, that may mean all parties run in backend services or that some parties run in native client applications on supported platforms. Other targets, such as browsers, WebAssembly, Windows, or mobile platforms, are not currently documented in this repository as supported deployment environments.
cb-mpc implements MPC key-generation (dkg and local generation), refresh, derivation, and signing protocols. It does not provide a custody service, policy engine, or application workflow around those protocols.
In the public API, calls like dkg* and refresh* return opaque key_blob / keyset_blob values with each party's share to each party. Those blobs are later passed back into sign*, refresh*, derive*, and related APIs. This means the integrating application owns the lifecycle of those blobs and must treat them as secret key material.
The integrating application is responsible for:
A few practical tips:
key_blob / keyset_blob and no protected backup exists, recovery may depend on the protocol and access structure; do not assume cb-mpc can recreate that party-local secret material for you.detach_private_scalar, get_public_share_compressed, and attach_private_scalar helpers for application-managed backup and restore flows, including verifiable backup schemes such as publicly verifiable encryption (PVE).refresh* APIs when you want fresh shares for the same (combined) key; if your operational policy requires replacing the key entirely, run a new dkg* flow and migrate in the application layer.The library is responsible for:
For transport, opaque blob handling, session identifiers, and other operational security requirements, see SECURE_USAGE.md.
After cloning the repo, you need to update the submodules with the following command.
git submodule update --init --recursive
Furthermore, to obtain the documentations (in pdf form), you need to enable git-lfs
There are three build modes available:
$ claude mcp add cb-mpc \
-- python -m otcore.mcp_server <graph>